A poll of 250 IT and cybersecurity experts at firms with more than $100 million in annual revenue indicates that purchasing cybersecurity is far more popular than building and managing cybersecurity systems.
The poll, conducted by CITE Research on behalf of Cribl, a provider of a data routing platform, reveals that despite economic challenges, 95 percent of respondents will boost investments in cybersecurity, with over two-thirds of respondents (62 percent) planning to purchase rather than create.
54% of respondents plan to invest in automation across infrastructure and cybersecurity. Nonetheless, just over a third (36%) of respondents expect to reduce funds for staffing and training despite the growing attack surface. This change means that many firms will increasingly rely on external knowledge.
MSPs are rethinking cybersecurity delivery
The increasing desire in relying more on easily consumable cybersecurity services coincides with the evolution of the platforms used to supply these capabilities. Historically, a significant number of managed security service providers (MSSPs) have constructed their own security operations centers (SOCs). Now, it is easier than ever before to resell SOC services provided by another MSSP or a vendor.
Simultaneously, several MSPs are extending the scope of their cybersecurity services to go well beyond the transmission of warnings. Extended Managed Detection and Response (XDR) solutions have been deployed to improve the security of network edge endpoints and cloud services. And regardless of how these services are provided, the scope has grown substantially.
AI development is creating demand for foreign expertise
While there are numerous examples of firms that utilize these services, the majority of organizations continue to rely largely on internal cybersecurity teams who collaborate closely with IT operations teams to manage cybersecurity. But, the rise of artificial intelligence (AI) will certainly push firms to rely less on internal teams.
The explanation for this has little to do with those teams’ cybersecurity expertise. Rather, the cost of training AI models to stop cyberattacks is beyond the means of the vast majority of enterprises. To construct AI models, massive volumes of data must be collected and analyzed. The majority of organizations lack sufficient data to complete this task. Even if they had, it is unlikely that they have data scientists who comprehend the complexities of cybersecurity data. As attack vectors evolve, these AI models must likewise be constantly updated.
In the meantime, cybercriminals are gaining access to new classes of generative AI services that will enable them to unleash a wave of cyberattacks that will be increasingly difficult to detect without the assistance of counteracting AI platforms. In practice, the whole cybersecurity industry is currently engaged in an AI arms race. IT leaders who believe for one second that their organization can withstand this assault without depending heavily on external cybersecurity services are deluded.
Obviously, there are numerous MSPs that lack the resources necessary to develop and sustain these models. As the bar for providing effective cybersecurity services continues to raise, it is likely that some kind of consolidation will occur. The most pressing concern at present is determining with whom to form an alliance in order to maintain relevance tomorrow.